Losing Access to your Crypto Wallet: Dangers and How to Not Lose your Funds?
Dmytro Volkov is the CTO at CEX.IO. He optimized the technology and processes at the exchange, as well as the trading and analytics systems and integrations with external systems. Created the CEX.IO Broker platform to trade derivatives. Also, he has over 15 years’ work experience in IT, including over 10 years in the financial market, and is an author of trainings on financial and tech topics.
There is a common problem for cryptocurrency exchanges where many of their clients do not wish to memorize their account credentials. Occasionally, they forget that information and lose access to their accounts.
Forgetting the key to a cryptocurrency wallet has been the reason why people have lost access to billions of USD worth of Bitcoin and other cryptocurrencies to date. The recent case of Stephan Thomas who has forgotten the password to his IronKey hard drive that stores his 7,002 Bitcoin is a good example. In general, it has been found that around 20% of existing Bitcoins are lost due to the loss of a password or a seed phrase for resetting the password for the wallet.
The reasons for losing access to cryptocurrency exchange accounts are several, but commonly most of the time: people forget the password or the two-factor authentication (2FA) details if the 2FA is enabled, change the device on which 2FA was stored, or change the phone number to which 2FA was linked.
We get lots of requests from our clients at CEX.IO for a two-factor authorisation reset. It ultimately comes from a lack of caution and attentiveness: people buy new mobile phones or change the phone number to which their keys are tied, and do not bother to change their 2FA data on the old ones. Then, when they lose access, they often blame the exchanges for being unable to operatively give them a new 2FA. But recovering access to an exchange account is not as easy as recovering a password. If you had 2FA enabled and you can no longer pass it, you will have to pass an identification procedure with the exchange to confirm your identity and reset the 2FA.
If a client has previously passed ID verification, they will have to do it again to confirm their identity. This is done to protect the client’s funds – in order to ensure that the request to reset the 2FA does not come from a malicious actor. This procedure takes time as you have to send photos of yourself to the exchange, and they should be identified by the customer support personnel. But many people dislike dealing with such procedures, thinking of them as troublesome and time-consuming. And this, in turn, traps exchanges in an unpleasant position where they have to consider both simplicity and client convenience as well as their obligations to keep the funds entrusted to them safe.
Sometimes it also so happens that hackers get hold of passwords and even 2FA on a hacked device. If that occurs, hackers usually change the 2FA details on the victim’s exchange account. In such situations, we temporarily block the withdrawal on the client’s account and notify them via email and SMS to let the account owner take action in case they were not the ones to change the 2FA.
Ways to Restore Access
There are several ways wallet services provide for the safekeeping of cryptocurrency: a seed-phrase, a multi-signature, a deferred money transfer, and trusted wallets.
The seed-phrase is used in the wallets which are only accessible to their owners and consists of several random words. In case you have forgotten the password to such a wallet, you can enter the seed phrase and access your wallet this way. In case you lose and forget the seed phrase, you will no longer be able to restore access to your funds.
The multi-signature mechanism of several keys is often utilized in online “hot” wallets on exchanges. Oftentimes, wallets with a multi-sig have three signatures and require two of them to execute a command. Two of these signatures are held with the client and the third – with the service provider. Under normal conditions, the key of the firm and one of the client’s keys are used for all operations. The second key the client has is a backup one that should be kept safely and may be used as a second one if the service provider stops operations.
A deferred-transfer mechanism is also a good way of keeping your digital currency accessible to you even if you forget the password and cannot restore it. It automatically sends the funds in the wallet to another address after the expiry of the set time. This way you can regain access to your funds in another wallet when this transfer comes through.
And trusted wallets are the ones used on cryptocurrency exchanges. Their advantage is that you can always regain access to them via a KYC procedure. But their flaw is that you can only access such wallets through your account on the exchange and not directly via a key.
At CEX.IO, we do our best to educate our clients on what to do not to lose access to their accounts, how they should act in situations when it happens after all, and how to simplify the recovery process. And we can assert with confidence that prudence and discipline are the two principles that will be your best guarantees against the permanent loss of your cryptocurrency funds.
Image source: Shutterstock
Tags
最新
